Null pointer dereference

2019-03-2116:01:00

PRIOn knowledge base

www.prio-n.com

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.2%

JSON

SmartDefragDriver.sys (2.0) in IObit Smart Defrag 6 never frees an executable kernel pool that is allocated with user defined bytes and size when IOCTL 0x9C401CC4 is called. This kernel pointer can be leaked if the kernel pool becomes a “big” pool.

CPENameOperatorVersion
smart_defrageq6.0

CPE	Name	Operator	Version
	smart_defrag	eq	6.0

References

downwithup.github.io/CVEPosts.html